Vulnerabilities > Advanced Real Estate Script Project > Advanced Real Estate Script > High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-01-05	CVE-2019-20337	SQL Injection vulnerability in Advanced Real Estate Script Project Advanced Real Estate Script 4.0.9 In PHP Scripts Mall advanced-real-estate-script 4.0.9, the news_edit.php news_id parameter is vulnerable to SQL Injection. network low complexity advanced-real-estate-script-project CWE-89	7.2
2018-08-10	CVE-2018-15187	Cross-Site Request Forgery (CSRF) vulnerability in Advanced Real Estate Script Project Advanced Real Estate Script 4.0.9 PHP Scripts Mall advanced-real-estate-script 4.0.9 has CSRF via edit-profile.php. network low complexity advanced-real-estate-script-project CWE-352	8.0

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.